“The devil is in the details” — that about sums up my take on the White House Cybersecurity Plan. Many thanks to Lily Newman for including this and some other points from our discussion in her Wired article The High-Stakes Blame Game in the White House Cybersecurity Plan. I appreciate that the Administration is talking…
Tag: Cybersecurity Law
Down the Security Rabbithole Podcast #DtSR with Los and Tuma talking all things #cybersecurity
This week’s #DtSR Podcast featured Raf Los and guest Shawn Tuma talking about all things cybersecurity. Check out more of what was covered and listen to the podcast here! Check out some of the past episodes with Tuma as a guest. Share on social media and join in the discussion! This week on #DtSR…
Security Weekly guest Shawn Tuma discusses “what is reasonable cybersecurity?”
Share on social media and join in the discussion! LinkedIn Post I really enjoyed joining my good friend @catalyst on Security Week today to talk about "what is reasonable cybersecurity?" — Business Security Weekly Episode #76 https://t.co/bINnEhrlkQ — Shawn E. Tuma (@shawnetuma) March 3, 2018
What is “reasonable cybersecurity” and how do courts view it? (SecureWorld interviews)
What is “reasonable cybersecurity” and how do courts view “reasonable cybersecurity”? See KnowB4’s discussion of these interviews These are two excellent questions that I was asked and I answered, as succinctly as I could, in two short interviews with SecureWorld. Tell me what you think about my answers. What Is Reasonable Cybersecurity? – SecureWorld article…
Uber CISO’s Testimony Clarifies Payment to Hackers was Not Legitimate Use of Bug Bounty Program
As bits of information about the Uber data breach have trickled out, including the purported payment through a bug bounty program, I have been concerned about the implications on legitimate corporate bug bounty programs. My concerns grew when I read the New York Times article, Inside Uber’s $100,000 Payment to a Hacker, and the Fallout. …
3 Legal Points for InfoSec Teams to Consider Before an Incident
As a teaser to my presentation at SecureWorld – Dallas last week, I did a brief interview with SecureWorld and talked about three of the points I would make in my lunch keynote, The Legal Case for Cybersecurity. If you’re going to SecureWorld – Denver next week, join me for the lunch keynote on Thursday (11/2)…
What do we in the United States really want from our cyber laws?
In my newsfeed are articles in prominent publications discussing the problems with the federal Computer Fraud and Abuse Act from very different perspectives. In the “the CFAA is dangerous for security researchers” corner we have White Hat Hackers and the Internet of Bodies, in Law360, discussing how precarious the CFAA (and presumably, the state hacking laws…
NIST Cybersecurity Guidance for Small Business Likely Forthcoming
The US House of Representatives has passed legislation similar to that recently passed by the Senate that would require the National Institute of Standards and Technology (NIST) to produce cybersecurity guidance that will be aimed at helping small businesses. The NIST Small Business Cybersecurity Act of 2017 would include NIST’s creating guidelines, tools, and best…
Musings about the Equifax Data Breach
This is intended to be an old-fashioned “blog” about thoughts on the Equifax data breach. It will be ongoing so please check back regularly. Topics Media interviews and commentary We are seeing shame hacking taken to a new level Will I lead a consumer class action lawsuit against Equifax? Lawsuits and investigations against Equifax What…
IoT Cybersecurity Improvement Act of 2017 proposed by Senate Cybersecurity Caucus
On August 1, 2017, the Senate Cybersecurity Caucus introduced the “Internet of Things (IoT) Cybersecurity Improvement Act of 2017,” bi-partisan legislation focused on establishing minimum security requirements for the federal procurement of Internet connected devices (#IoT).
You must be logged in to post a comment.